Young Alumnus Warns That Website ‘Cookies’ Are a Major Privacy Concern for Consumers

Cookies Are Not as Sweet as Search Engines Want You to Believe, Says 19-year-old DePaul Freshman

Editor’s Note: 2018 Fenwick graduate Nick Bohlsen, of Oak Park, is finishing his freshman year at DePaul University in Chicago. Bohlsen wrote this paper last semester for his “Writing Rhetoric and Discourse 103” class, earning an “A” for his effort. (A Networking Infrastructure 263 course also used a more detailed version of this report.)

By Nick Bohlsen ’18

In our modern society, our lives are becoming more intertwined with the Internet. We shop, watch television, talk to distant relatives and conduct business intercontinentally thanks to the Internet. The Internet is undoubtedly one of the greatest inventions in history, but it is not a paradise like the Internet Service Providers (ISPs) and the major search engines advertise it as.

(Image courtesy of CRU Solutions.)

As you browse through your aunt’s random photos on Facebook, for example, you may notice that the advertisements seem to be tailored to show you products that you may be interested in. They are not there by accident, but intentionally placed based on the data that web browsers and sites collect on you. As we visit sites, they start to collect key identifiers that puts us into various advertising categories. These key identifiers are called “cookies.”

Cookies are generated with every single move that we make on the Internet and hold data relevant to what we are doing: data such as passwords, credit card information, items in an online shopping cart, and more. The data gets stored onto the local machine and waits for the next time it can be used on the web. In a perfect world, this data would never be accessed by anything other than the website that originally generated the cookie. Our world, especially our online world, is not as safe as we would want it to be. The question that is raised is should internet sites and search engines be allowed to track all of this sensitive data? Should they be allowed to send this data to advertising agencies to be able to specifically target our interests? The simple answer: absolutely not.

(Techdenovo)

One of the larger issues with cookies is the amount and kinds of data that is being tracked. As mentioned before, cookies are collections of data that track what we do on the internet. This data can be something as small as our search trends to something more personal such as credit card information or social security number. Editor John Rockhold, in his article titled “How the Cookies Crumble” published in Wireless Review on June 15, 2001, quoted Jason Catlett, the president of Junkbusters. Junkbusters was a company whose goal was to advocate for consumer privacy in an era when the internet was an emerging technology. Catlett said, “Cookies were meant to be a way of storing shopping-cart information, but they quickly turned into an all-purpose surveillance mechanism” (Rockhold). This surveillance system was originally designed to work as a “working memory” for sites to make our lives easier.

Cookies have evolved into something more than that now. Advertisers on the internet are now using the data from our cookies to see what we are interested in. According to Stephen B. Wicker and Kolbeinn Karlsson, writers for The Association for Computer Machinery magazine, there are many processes in the background that put our information up for auction. Simply put: Our data gets sent all over the web to categorize our search trends, build profiles (or update ones that have already been built on our data) based on the data that was tracked. Advertisers then look at our profiles to see if displaying their ad will be cost-effective. The advertisers that find our profile attractive bid on the ad space, an advertiser wins the bidding, and their ad gets displayed on your screen. All of that happens within 100 milliseconds. (Wicker & Karlsson, 70)

Internet ad delivery is a complex process involving multiple redirections, synchronizations of user information and an auction, all in a few tens of milliseconds. (Wicker & Karlsson, 70)

According to Jane Quinn – writer for Newsweek who published the article “Fighting the Cookie Monster” in February 2000 – these profiles have plenty of our data. Her example: Say you’ve sought information about a debilitating disease, spent time in a chat room for recovering alcoholics, or gambled online. The Web sites you visit may be attached to your personal name, address, e-mail address or even phone number. Technically, searches can even be launched for key words … that you might have left in a chat room or on a public bulletin board. These records — the intimate and the mundane — can trail you for life, like Marley’s chain (Quinn).

Advertising agencies usually like to share their databases with one-another to build the perfect digital picture of you, increasing the amount of information they have from you (Quinn).

The benefit of allowing the advertisers and companies that use this data is that we will never see an ad that has no meaning to us; nor will we ever see an ad more than once. They also claim that there would be fewer free sites on the internet without the intensive tracking (Goldsborough). The one that benefits the most from this agreement, however, is the advertiser. At the cost of our information, they display advertisements to us that they are more likely to get us to click on them. They get more money from their advertisements and more of our information to target us even more efficiently. That is a parasitic relationship in which the parasite gains while the host loses.

Another reason these sweet morsels of our personal data should not be so readily accessible is the possibility of our private information becoming not-so private. Vint Cerf and Bob Kahn – the inventors of the internet – were not worried about security in their initial designs. They viewed the internet as one happy place where everybody would play nice with each other and be responsible. As we know, that is not what the ecosystem of the internet is today. As this data is being sent back and forth on the web, it is possible that someone can break into the system and intercept our personal information.

One potential problem, according to Reid Goldsborough who is a writer for Tech Directions, is that, “…the theft of the user name and password information by hackers who could then access your bank, credit card or other account” (Goldsborough). These kinds of breaches are more common for mainstream sites such as Yahoo and Google; the smaller sites are much more prone to security breaches. These “third party” sites can have intentional data breaching code built-in or can be exploited by an outside user that is interested in your data (Goldsborough).

(DigitalBulls)

Although there is a way to reduce the number of cookies we have by deleting some, the settings that allow us to do so are usually hidden under multiple menus. That is also assuming that the user knows that they should delete their cookies every now and then, or that cookies even exist outside of the kitchen. According to the findings of Jeremy Kirk – a writer for PC World magazine – there are some very devious ways in which some of your most trusted applications can be turned by a hacker to exploit your cookies. He found that, “…some top websites using a method called “respawning,” where technologies such as Adobe’s Flash multimedia software are manipulated to replace cookies that may have been deleted” (Kirk). Adobe Flash is used on almost every website that we go to, including sites such as D2L [the cloud software used by DePaul and other schools]. Once the exploit in Flash has been run on your computer, hackers get every piece of information that you have ever inputted to the world wide web.

If today’s internet looked just like Cerf and Kahn’s idea, then we would not have this problem facing us today. As that view is virtually impossible to achieve, we must do all we can to protect our privacy in the digital age. Having our personal data stored and sent all over the internet is a very dangerous practice, and it is something that the public does not know enough about. It is up to us as users of the internet to do our due diligence and ensure that our privacy is being protected, and to reduce the number of cookies that are being generated based on our private information.

Works Cited:

Goldsborough, Reid. “The Benefits, and Fear, of Cookie Technology.” Tech Directions, vol. 64, no. 10, May 2005, p. 9. 

Kirk, Jeremy. “Three Devious Ways Online Trackers Shatter Your Privacy.” PCWorld, vol. 32, no. 10, Oct. 2014, pp. 38–40. 

Quinn, Jane Bryant. “Fighting the Cookie Monster.” Newsweek, vol. 135, no. 9, Feb. 2000, p. 63. 

Rockhold, John. “How the Cookies Crumble.” Wireless Review, vol. 18, no. 12, June 2001, p. 36. 

Wicker, Stephen B., and Kolbeinn Karlsson. “Internet Advertising: Technology, Ethics, and a Serious Difference of Opinion.” Communications of the ACM, vol. 60, no. 10, Oct. 2017, pp. 70-77.

 

Leave a Reply

Your email address will not be published. Required fields are marked *